Data Breach: Who’s to Blame?

The IT department usually has a number of ideas about what they can do to help with data access governance. The issue is usually that they require budget to purchase third-party tools, such as for the password issue that end users face, mentioned earlier. If they meet with the line of business managers to start answering the questions being asked, perhaps together they can build a case that shows why it’s important to address these issues and avoid the alternatives, which will ultimately be much more costly (think breach, media coverage, stock price etc.).

Data breaches are reported all the time in the news - and often when a breach occurs, fingers are pointed at everyone from hackers, to CSOs, IT and even end users. So in looking at a typical breach, Jackson Shaw, senior director of product management at Quest Software, wanted to break down why the fingers get pointed at these particular people (aside from the hacker, as that’s generally an obvious target) and why they should each care about data governance. For simplicity, he’s going to break this down into three groups: The end user, the IT department, and the line of business manager, and he’ll use the case of financial data.